VYPR

SIMATIC CP 1242-7 V2 (incl. SIPLUS variants)

by Siemens Foundation

CVEs (31)

  • CVE-2020-15782CriMay 28, 2021
    risk 0.64cvss 9.8epss 0.05

    A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9),…

  • CVE-2022-38465CriOct 11, 2022
    risk 0.60cvss 9.3epss 0.00

    A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9),…

  • CVE-2023-38380HigDec 12, 2023
    risk 0.49cvss 7.5epss 0.01

    A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS…

  • CVE-2022-43768HigApr 11, 2023
    risk 0.49cvss 7.5epss 0.01

    A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 IEC (incl.…

  • CVE-2022-43767HigApr 11, 2023
    risk 0.49cvss 7.5epss 0.01

    A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 IEC (incl.…

  • CVE-2022-43716HigApr 11, 2023
    risk 0.49cvss 7.5epss 0.01

    A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 IEC (incl.…

  • CVE-2021-40365HigDec 13, 2022
    risk 0.49cvss 7.5epss 0.01

    Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.

  • CVE-2021-37205HigFeb 9, 2022
    risk 0.49cvss 7.5epss 0.02

    A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V21.9 < V21.9.4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions…

  • CVE-2021-37204HigFeb 9, 2022
    risk 0.49cvss 7.5epss 0.02

    A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open…

  • CVE-2021-37185HigFeb 9, 2022
    risk 0.49cvss 7.5epss 0.02

    A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V21.9 < V21.9.4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions…

  • CVE-2021-33737HigSep 14, 2021
    risk 0.49cvss 7.5epss 0.01

    A vulnerability has been identified in SIMATIC CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 ERPC (All versions), SIMATIC CP 343-1 Lean (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1…

  • CVE-2021-37172HigAug 10, 2021
    risk 0.49cvss 7.5epss 0.01

    A vulnerability has been identified in SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (V4.5.0). Affected devices fail to authenticate against configured passwords when provisioned using TIA Portal V13. This could allow an attacker using TIA Portal V13 or later versions to…

  • CVE-2020-28400HigJul 13, 2021
    risk 0.49cvss 7.5epss 0.02

    Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.

  • CVE-2020-25242HigMay 12, 2021
    risk 0.49cvss 7.5epss 0.01

    A vulnerability has been identified in SIMATIC NET CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC NET CP 343-1 Lean (incl. SIPLUS variants) (All versions), SIMATIC NET CP 343-1 Standard (incl. SIPLUS variants) (All versions). Specially crafted packets sent to…

  • CVE-2019-19300HigApr 14, 2020
    risk 0.49cvss 7.5epss 0.01

    A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, KTK ATE530S, SIDOOR ATD430W, SIDOOR ATE530S COATED, SIDOOR ATE531S, SIMATIC ET 200AL IM 157-1 PN (6ES7157-1AB00-0AB0),…

  • CVE-2019-13946HigFeb 11, 2020
    risk 0.49cvss 7.5epss 0.01

    Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. This could lead to a denial of service condition due to lack of memory for devices that…

  • CVE-2019-10936HigOct 10, 2019
    risk 0.49cvss 7.5epss 0.02

    Affected devices improperly handle large amounts of specially crafted UDP packets. This could allow an unauthenticated remote attacker to trigger a denial of service condition.

  • CVE-2019-10923HigOct 10, 2019
    risk 0.49cvss 7.5epss 0.01

    An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization (IRT) of the affected installation.

  • CVE-2019-10943HigAug 13, 2019
    risk 0.49cvss 7.5epss 0.01

    A vulnerability has been identified in SIMATIC Drive Controller family (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V20.8), SIMATIC…

  • CVE-2017-12741HigDec 26, 2017
    risk 0.49cvss 7.5epss 0.03

    Specially crafted packets sent to port 161/udp could cause a denial of service condition. The affected devices must be restarted manually.

Page 1 of 2